Data masking is a method for obscuring (masking) specific data elements within a data store. Data masking ensures that sensitive data is replaced with realistic but not real data. A goal of data masking is to obscure sensitive data, so that the sensitive data is not available outside of the authorized environment. Data masking might be done while provisioning non-production environments, so that data used to support test and development processes are not exposing sensitive data.
With data masking, data can be made to look and behave like the original data, even though it is not the original data. Thus, data masking is one solution to protect data from internal and external threats by providing realistic data without the risk of exposing sensitive data to unauthorized users. Unlike encryption, data masking may help the data maintain its usability for activities, like software development, research, testing, etc.